News

Ransomware Attack on MGM Hospital

Delaware, USA – July 18, 2018 – Unknown attackers infected all the systems of Mahatma Gandhi Mission Hospital with ransomware. The incident occurred on Sunday, July 15, and became known when one of the MGM hospital employees switched on the computer. The system administrator received an email with ransom notes demanding bitcoins […]

Fancy Bear Group Targets Italian Military Organizations

Delaware, USA – July 17, 2018 – Researchers from CSE Cybsec discovered a new APT campaign conducted by the infamous Fancy Bear group. The recent cyberespionage campaign of APT28 targeted Italian military organizations. Researchers discovered 4 versions of the dropper written in Delphi, which downloads a modified version of the modular multiplatform X-Agent backdoor that […]

Ex-Employee of LBI, Inc. Stole More Than 5,000 Sensitive Files via Dropbox

Delaware, USA – July 13, 2018 – Jared Dylan Sparks stole more than 5,000 files of confidential information related to the development of underwater drones from LBI, Inc. Sparks worked for the company from January 2010 to December 2011, and shortly before the move to a competing company, the former engineer uploaded documentation from his […]

Watering Hole Attack via VSDC official website

Delaware, USA – July 12, 2018 – Unknown hackers compromised http://www.videosoftdev.com and several times replaced the download links for the VSDC video editor, redirecting users to the attackers’ server. The last replacement occurred on July 6, and it was found by experts from Qihoo 360 Total Security. The investigation revealed that similar attacks also occurred on June 18 […]

Microsoft Patches More Than 50 Security Flaws

Delaware, USA – July 11, 2018 – This month Microsoft released updates for 15 of its products fixing 53 security flaws, almost half of which are related to remote code execution. They fixed 14 different Memory Corruption Vulnerabilities in Microsoft Scripting Engine and 9 important and critical security flaws in Microsoft Explorer and Edge browsers. […]

BlackTech APT Uses Stolen Certificates to Sign Plead Malware

Delaware, USA – July 10, 2018 – The BlackTech APT group conducts cyber-espionage campaigns against East Asian countries and is especially interested in companies and state institutions in Taiwan. Researchers from ESET uncovered an active campaign distributing the Plead backdoor signed with legitimate code-signing certificates. Plead is a backdoor that allows adversaries to download and run […]

Gaza Cybergang Targets Palestinian Authority

Delaware, USA – July 9, 2018 – Security researchers from Checkpoint discovered a new campaign targeting government institutions in the Middle East. Researchers found several clues pointing to Gaza Cybergang as the threat actor behind this campaign. The campaign’s primary target is the Palestinian Authority, and the first malware samples were compiled at the end […]

2-in-1: Ransomware and Coinminer with Worm Capabilities

Delaware, USA – July 6, 2018 – A new version of the Rakhni malware is spreading in the wild; it analyzes a victim’s system and determines which component to install: ransomware or coinminer. Researchers from Kaspersky Lab have published an analysis of this somewhat unusual malware. The Rakhni trojan has been known for 5 years, and attackers […]

Attackers explore the new vector of malware delivery using SettingContent-ms files

Delaware, USA – July 5, 2018 – Less than a month has passed since the publication of Proof-of-Concept code that can be used to deliver malware using SettingContent-ms files, and now security researchers have discovered the first working exploitation chains. On June 11, Matt Nelson published research on a new possible attack vector, and […]

RIG Exploit Kit Starts Exploiting PROPagate Technique

Delaware, USA – July 4, 2018 – The PROPagate code injection technique was described in November 2017, but adversaries managed to weaponize it only in recent attacks. This technique allows malicious code to be injected into a number of MS Windows applications, but it was not considered a serious threat since its exploitation is possible only […]